<?php
/**
 * 
 * User/LoginAction.class.php (前台会员登陆)
 *
 * @package      	jgsat
 * @author          liuxun QQ:147613338 <admin@jgsat.cn>
 * @copyright     	Copyright (c) 2008-2011  (http://www.jgsat.com)
 * @license         http://www.jgsat.com/license.txt
 * @version        	jgsat企业网站管理系统 v2.1 2011-03-01 jgsat.cn $
 */
if(!defined("JGsat")) exit("Access Denied");
class LoginAction extends BaseAction
{
	
    function _initialize()
    {
        parent::_initialize();
        $this->dao = M('User');
        $this->assign('bcid',0);
    }
    function index()
    {
        $is_mobile=is_mobile();
        if($is_mobile){
            header("Location: ".U('Mobile/Login/index'));
        }
        if($this->_userid){
            $forward = $_POST['forward'] ? $_POST['forward'] :$this->forward ;
            $this->assign('jumpUrl',$forward);
            $this->success(L('login_ok'));exit;
        }
        $this->assign('title','登录');
        $this->display();
    }
 
    function dologin()
    {
        
	//echo sysmd5($_POST['password']);exit;
		$username = get_safe_replace($_POST['username']);
        $password = get_safe_replace($_POST['password']);
        $passeord5=sysmd5($password);
        $verifyCode = get_safe_replace($_POST['verifyCode']);
        $openid = get_safe_replace($_POST['openid']);
        $sina_uid = get_safe_replace($_POST['sina_uid']);
        if(empty($username) || empty($password)){
            $this->error(L('empty_username_empty_password'));
        }

     if($this->member_config['member_login_verify'] && md5($verifyCode) != $_SESSION['verify']){
         $this->error(L('error_verify'));
       }


        $where="username='$username' and password='$passeord5'";
        $authInfo=$this->dao->where($where)->find();
        if(empty($authInfo)){
            $where="mobile='$username' and password='$passeord5'";
            $authInfo=$this->dao->where($where)->find();
        }
        if(empty($authInfo)){
            $where="email='$username' and password='$passeord5'";
            $authInfo=$this->dao->where($where)->find();
        }
       // echo $this->dao->getLastSql();exit;
        if(empty($authInfo)) {
            $this->error(L('password_error'));
        }
        else {
            if($authInfo['password'] != sysmd5($_POST['password'])) {
                $this->error(L('password_error'));
            }
            if($authInfo['status'] != 1)$this->error(L('ACCOUNT_DISABLE'));

            $cookietime =  intval($_REQUEST['cookietime']);

            $cookietime = $cookietime ? $cookietime : 0;

            $jgsat_auth_key = sysmd5($this->sysConfig['ADMIN_ACCESS'].$_SERVER['HTTP_USER_AGENT']);
            $jgsat_auth = authcode($authInfo['id']."-".$authInfo['groupid']."-".$authInfo['password'], 'ENCODE', $jgsat_auth_key);

            
			cookie('auth',$jgsat_auth,$cookietime);
            cookie('username',$authInfo['username'],$cookietime);
            cookie('groupid',$authInfo['groupid'],$cookietime);
            cookie('userid',$authInfo['id'],$cookietime);
            cookie('email',$authInfo['email'],$cookietime);
            cookie('createtime',$authInfo['createtime'],$cookietime);



            //保存登录信息
            $dao = M('User');
            $data = array();
            $data['id']	=	$authInfo['id'];
            $data['last_logintime']	=	time();
            $data['last_ip']	=	 get_client_ip();
            $data['login_count']	=	array('exp','login_count+1');
            if($openid){
                $data['openid']=$openid;
            }
            if($sina_uid){
                $data['sina_uid']=$sina_uid;
            }
            $dao->save($data);



            $forward = $_POST['forward'] ? $_POST['forward'] :$this->forward ;
            $d_url= 'http://'.$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'];
            if(empty($forward) || $forward==$d_url) {
                $forward = URL('User-Index/index');
            }
            $this->assign('jumpUrl',$forward);
            $this->success(L('login_ok'));
        }
    }

    function getpass(){
        $this->display();
    }

    function repassword(){
        if($_POST['dosubmit']){
            $verifyCode = trim($_POST['verify']);
            if(md5($verifyCode) != $_SESSION['verify']){
                $this->error(L('error_verify'));
            }
            if(trim($_POST['repassword'])!=trim($_POST['password'])){
                $this->error(L('password_repassword'));
            }
            list($userid,$username, $email) = explode("-", authcode($_POST['code'], 'DECODE', $this->sysConfig['ADMIN_ACCESS']));
            $user = M('User');
            //判断邮箱是用户是否正确
            $data =$user->where("id={$userid} and username='{$username}' and email='{$email}'")->find();
            if($data){
                $user->password	= sysmd5(trim($_POST['password']));
                $user->updatetime = time();
                $user->last_ip = get_client_ip();
                $user->save();
                $this->assign('jumpUrl',U('User/Login/index'));
                $this->assign('waitSecond',3);
                $this->success(L('do_repassword_success'));
            }else{
                $this->error(L('check_url_error'));
            }
            exit;
        }
        $code = str_replace(' ','+',$_REQUEST['code']);
        $this->assign('code',$code);
        $this->display();
    }
 

    function sendmail(){
        $verifyCode = trim($_POST['verifyCode']);
        $username = get_safe_replace($_POST['username']);
        $email = get_safe_replace($_POST['email']);

        if(empty($username) || empty($email)){
            $this->error(L('empty_username_empty_password'));
        }elseif(md5($verifyCode) != $_SESSION['verify']){
            $this->error(L('error_verify'));
        }

        $user = M('User');
        //判断邮箱是用户是否正确
        $data =$user->where("username='{$username}' and email='{$email}'")->find();
        if($data){
            $jgsat_auth = authcode($data['id']."-".$data['username']."-".$data['email'], 'ENCODE',$this->sysConfig['ADMIN_ACCESS'],3600*24*3);//3天有效期
            $username=$data['username'];
            $url =  'http://'.$_SERVER['HTTP_HOST'].U('User/Login/repassword?code='.$jgsat_auth);
            $message = str_replace(array('{username}','{url}','{sitename}'),array($username,$url,$this->Config['site_name']),$this->member_config['member_getpwdemaitpl']);

            $r = sendmail($email,L('USER_FORGOT_PASSWORD').'-'.$this->Config['site_name'],$message,$this->Config); 
            if($r){
                $returndata['username'] = $data['username'];
                $returndata['email'] = $data['email'];
                $this->ajaxReturn($returndata,L('USER_EMAIL_ERROR'),1);
            }else{
                $this->ajaxReturn(0,L('SENDMAIL_ERROR'),0);
            }
        }else{
            $this->ajaxReturn(0,L('USER_EMAIL_ERROR'),0);
        }
    }


    function emailcheck(){
        if(!$this->_userid && !$this->_username && !$this->_groupid && !$this->_email){
            $this->assign('jumpUrl',U('User/Login/index'));
            $this->success(L('noogin'));exit;
        }

        if($_REQUEST['resend']){
            $uid=$this->_userid;
            $username = $this->_username;
            $email = $this->_email;
            if($this->member_config['member_emailcheck']){
                $jgsat_auth = authcode($uid."-".$username."-".$email, 'ENCODE',$this->sysConfig['ADMIN_ACCESS'],3600*24*3);//3天有效期
                $url = 'http://'.$_SERVER['HTTP_HOST'].U('User/Login/regcheckemail?code='.$jgsat_auth);
                $click = "<a href=\"$url\" target=\"_blank\">".L('CLICK_THIS')."</a>";
                $message = str_replace(array('{click}','{url}','{sitename}'),array($click,$url,$this->Config['site_name']),$this->member_config['member_emailchecktpl']);
                $r = sendmail($email,L('USER_REGISTER_CHECKEMAIL').'-'.$this->Config['site_name'],$message,$this->Config);
                $this->assign('send_ok',1);
                $this->assign('username',$username);
                $this->assign('email',$email);
                $this->display();
                exit;
            }
        }
        if($this->_groupid==8){
            $this->display();
        }else{
            $this->error(L('do_empty'));
        }	
    }
	
    function regcheckemail(){
        $code = str_replace(' ','+',$_REQUEST['code']); 
        list($userid,$username, $email) = explode("-", authcode($code, 'DECODE', $this->sysConfig['ADMIN_ACCESS'])); 
        $user = M('User');
        //判断邮箱是用户是否正确
        $data =$user->where("id={$userid} and username='{$username}' and email='{$email}'")->find();
        if($data){
            $user->groupid = 6;
            $user->id = $userid;
            $user->save();
            $ru['role_id']=6;
            $roleuser=M('RoleUser');
            $roleuser->where("user_id=".$userid)->save($ru);
            $this->assign('jumpUrl',U('User/Login/index'));
            $this->assign('waitSecond',3);
            $this->success(L('do_regcheckemail_success'));
        }else{
            $this->error(L('check_url_error'));
        }
    }
 

    function logout()
    {
        cookie(null,'YP_');
        $this->assign('jumpUrl',U('Home/Index/index'));

        $this->success(L('loginouted'));
    }
}
?>